Dashboard to collect, analyze, and respond to reported phishing emails.
Disassemble ANY files including .so (NDK, JNI), Windows PE(EXE, DLL, SYS, etc), linux binaries, libraries, and any other files such as pictures, audios, etc(for fun)files on Android. Capstone-based disassembler application on android. 안드로이드 NDK 공유 라이브러리, Windows 바이너리, etc,... 리버싱 앱
Gg Shield Action
GitGuardian Shield GitHub Action - Find exposed credentials in your commits
Visualize network topologies and collect graph statistics based on pcap files
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Source Code Security Audit (源代码安全审计)
eBPF Utilities, Maps, and more
(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
Android Pin Bruteforce
Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆
A Blazing fast Security Auditing tool for Kubernetes
File Scanning Framework
.NET runtime inspector
Cameradar hacks its way into RTSP videosurveillance cameras
zBang is a risk assessment tool that detects potential privileged account threats
Fuzz your Rust code with Google-developed Honggfuzz !
PoC code from DEF CON 25 presentation
AWS Identity and Access Management Visualizer and Anomaly Finder
A Virtual environment for Pentesting IoT Devices
⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
Bash script to audit and fix macOS Catalina (10.15.x) security settings
大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0
Light NodeJS rate limiting and response delaying using Redis - including Express middleware.
Burp Extender plugin that generates a sitemap of a website using Wayback Machine
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Aws Auto Remediate
Open source application to instantly remediate common security issues through the use of AWS Config
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Reverse shell generator written in Python 3.
memory search and patch tool on debuggable apk without root & ndk
A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Awesome Shodan Queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Search exposed EBS volumes for secrets
Intelligence and Reconnaissance Package/Bundle installer.
Hide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.